Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-4421. PoCs published by Kuon.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Yapig version 0.95b. The vulnerability arises from insufficient sanitization of user-supplied input in the 'D_REFRESH_URL' parameter of the 'thanks_comment.php' script.
Description
Cross-site scripting (XSS) vulnerability in template/default/thanks_comment.php in Yet Another PHP Image Gallery (YaPIG) 0.95b allows remote attackers to inject arbitrary web script or HTML via the D_REFRESH_URL parameter.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in Yapig version 0.95b. The vulnerability arises from insufficient sanitization of user-supplied input in the 'D_REFRESH_URL' parameter of the 'thanks_comment.php' script.